com.jalios.jcms.authentication.handlers

Class JWTAuthenticationHandler

java.lang.Object

com.jalios.jcms.authentication.AuthenticationHandler

com.jalios.jcms.authentication.handlers.JWTAuthenticationHandler

All Implemented Interfaces:

PluginComponent, JPropertiesListener, java.lang.Comparable<AuthenticationHandler>

public class JWTAuthenticationHandler
extends AuthenticationHandler
implements JPropertiesListener

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	AUTHENTICATION_FROM_JWT Name of request attribute indicating that this request was authenticated using JWT
static java.lang.String	JWT_CLAIM_DELEGATE_MEMBER_ID Name of claim to specify the delegate member id to be set if athenticated with specified JWT Token.
static java.lang.String	JWT_CLAIM_IP_MASK Name of claim containing the IP mask defining IPs authorized with the JWT token.
static java.lang.String	JWT_CLAIM_METHODS Name of claim containing the HTTP methods authorized with the JWT token.
static java.lang.String	JWT_CLAIM_URL Name of claim containing the URL authorized to be access with the JWT token (can be an URL prefix prefix if claim JWT_CLAIM_URL_PREFIX_LENGTH was specified)
static java.lang.String	JWT_CLAIM_URL_PREFIX_LENGTH Name of claim containing the length of the URL authorized to be access with the JWT token (if unspecified, an exact URL match will be expected)
static java.lang.String	JWT_CLAIMS Name of request attribute used to store the JwtClaims that were validated for this request
static int	ORDER_CLIENT_CERTIFICATE_HANDLER

Fields inherited from class com.jalios.jcms.authentication.AuthenticationHandler

channel, GENERIC_BAD_AUTHENTICATION_MSG, REVISION

Fields inherited from interface com.jalios.util.JPropertiesListener

REVISION

Method Summary

Modifier and Type	Method and Description
static JWTAuthenticationHandler	getInstance()
static org.jose4j.jwt.JwtClaims	getJwtClaims(javax.servlet.http.HttpServletRequest request) Retrieve the JWT claims that were validated for this request (as long it was authenticated using JWT).
static java.lang.String	getJwtClaimsJson(javax.servlet.http.HttpServletRequest request) Retrieve the JWT claims that were validated for this request (as long it was authenticated using JWT).
static boolean	isAuthenticatedWithJWT(javax.servlet.http.HttpServletRequest request) Check if the specified request was authenticated using a JWT token
boolean	isEnabled()
void	loadProperties() This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded. You can use it to reload properties that might have been changed. This method is called during initialization of the AuthenticationManager
void	login(AuthenticationContext ctxt) Authenticate a member.
void	propertiesChange(JProperties properties) Invoked after properties have been modified in JCMS and save on disk.

Methods inherited from class com.jalios.jcms.authentication.AuthenticationHandler

canLogout, compareTo, equals, getOrder, init, logout, setOrder

Methods inherited from class java.lang.Object

clone, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

AUTHENTICATION_FROM_JWT

public static final java.lang.String AUTHENTICATION_FROM_JWT

Name of request attribute indicating that this request was authenticated using JWT

Since:

jcms-10.0.4 / JCMS-7781

See Also:

isAuthenticatedWithJWT(HttpServletRequest), Constant Field Values

JWT_CLAIMS

public static final java.lang.String JWT_CLAIMS

Name of request attribute used to store the JwtClaims that were validated for this request

Since:

jcms-10.0.4 / JCMS-7443

See Also:

getJwtClaims(HttpServletRequest), getJwtClaimsJson(HttpServletRequest), Constant Field Values

JWT_CLAIM_IP_MASK

public static final java.lang.String JWT_CLAIM_IP_MASK

Name of claim containing the IP mask defining IPs authorized with the JWT token.

See Also:

Constant Field Values

JWT_CLAIM_METHODS

public static final java.lang.String JWT_CLAIM_METHODS

Name of claim containing the HTTP methods authorized with the JWT token.

See Also:

Constant Field Values

JWT_CLAIM_URL

public static final java.lang.String JWT_CLAIM_URL

Name of claim containing the URL authorized to be access with the JWT token (can be an URL prefix prefix if claim JWT_CLAIM_URL_PREFIX_LENGTH was specified)

See Also:

Constant Field Values

JWT_CLAIM_URL_PREFIX_LENGTH

public static final java.lang.String JWT_CLAIM_URL_PREFIX_LENGTH

Name of claim containing the length of the URL authorized to be access with the JWT token (if unspecified, an exact URL match will be expected)

See Also:

Constant Field Values

JWT_CLAIM_DELEGATE_MEMBER_ID

public static final java.lang.String JWT_CLAIM_DELEGATE_MEMBER_ID

Name of claim to specify the delegate member id to be set if athenticated with specified JWT Token.

Example to propagate the current delegate member :

    JwtClaims claims = JwtManager.getInstance().generateDefaultClaims(someMember, [...]);
    claims.setClaim(JWTAuthenticationHandler.JWT_CLAIM_DELEGATE_MEMBER_ID, JcmsUtil.getId(Channel.getChannel().getCurrentDelegateMember()));
 

Since:

jcms-10.0.6 / JCMS-8856

See Also:

Constant Field Values

ORDER_CLIENT_CERTIFICATE_HANDLER

public static final int ORDER_CLIENT_CERTIFICATE_HANDLER

See Also:

Constant Field Values

Method Detail

getInstance

public static final JWTAuthenticationHandler getInstance()

isEnabled

public boolean isEnabled()

loadProperties

public void loadProperties()

Description copied from class: AuthenticationHandler

This method will be called by the AuthenticationManager each time the Channel properties are loaded/reloaded.
You can use it to reload properties that might have been changed.
This method is called during initialization of the AuthenticationManager

Overrides:

loadProperties in class AuthenticationHandler

login

public void login(AuthenticationContext ctxt)
           throws java.io.IOException

Description copied from class: AuthenticationHandler

Authenticate a member.
This method is invoked by the authentication chain on each request.
A typical implementation of this method would follow the following pattern :

1. Examine informations required to perform the authentication through the AuthenticationContext object (request, response, login.. etc)
2. Perform your authentication before chain invokation and set the logged Member AuthenticationContext.setLoggedMember(com.jalios.jcms.Member)
3. a) Either invoke the next entity in the chain using AuthenticationContext.doChain(),
4. b) or else skip the chain invokation and block other authentication handler of the chain (do this with caution...)
5. Perform redirection, set information/warning/error message or any other process, after chain invokation, using AuthenticationContext.

Default implementation is to invoke the next handler in the chain.

Overrides:

login in class AuthenticationHandler

Parameters:

ctxt - the AuthenticationContext used for this login

Throws:

java.io.IOException

propertiesChange

public void propertiesChange(JProperties properties)

Description copied from interface: JPropertiesListener

Invoked after properties have been modified in JCMS and save on disk.

You cannot alter the value received in parameters.

Note that properties parameter may be null, a limited set of site properties, or all site properties.

To check that a property has been modified, reload the "current" property instead using channel.getProperties or channel.getProperty.

Specified by:

propertiesChange in interface JPropertiesListener

Parameters:

properties - the properties which have been submitted to change

isAuthenticatedWithJWT

public static boolean isAuthenticatedWithJWT(javax.servlet.http.HttpServletRequest request)

Check if the specified request was authenticated using a JWT token

Parameters:

request - the current HttpServletRequest, may be null

Returns:

true if request was authenticated with JWT, false otherwise

Since:

jcms-10.0.4 / JCMS-7781

getJwtClaimsJson

public static java.lang.String getJwtClaimsJson(javax.servlet.http.HttpServletRequest request)

Retrieve the JWT claims that were validated for this request (as long it was authenticated using JWT).

Parameters:

request - the current HttpServletRequest, may be null

Returns:

the JWT claims as a raw JSON string (if request was authenticated with JWT), null otherwise

Since:

jcms-10.0.4 / JCMS-7443

getJwtClaims

public static org.jose4j.jwt.JwtClaims getJwtClaims(javax.servlet.http.HttpServletRequest request)

Retrieve the JWT claims that were validated for this request (as long it was authenticated using JWT).

Parameters:

request - the current HttpServletRequest, may be null

Returns:

the JWT claims (if request was authenticated with JWT), null otherwise

Since:

jcms-10.0.4 / JCMS-7443